Git/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-11-22 18:41:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move Kex to SSH2.

Browse Source
This commit is contained in:
Andris Raugulis 2016-10-06 02:59:15 +03:00
parent a193059bc9
commit ec0b4704e9
1 changed files with 84 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

114
ssh-audit.py
View File

@ -147,40 +147,90 @@ class OutputBuffer(list):
sys.stdout = self.__stdout sys.stdout = self.__stdout
class KexParty(object): class SSH2(object):
encryption = [] class KexParty(object):
mac = [] def __init__(self, enc, mac, compression, languages):
compression = [] self.__enc = enc
languages = [] self.__mac = mac
self.__compression = compression
self.__languages = languages
@property
def encryption(self):
return self.__enc
class Kex(object): @property
cookie = None def mac(self):
kex_algorithms = [] return self.__mac
key_algorithms = []
server = KexParty()
client = KexParty()
follows = False
unused = 0
@classmethod @property
def parse(cls, payload): def compression(self):
kex = cls() return self.__compression
buf = ReadBuf(payload)
kex.cookie = buf.read(16) @property
kex.kex_algorithms = buf.read_list() def languages(self):
kex.key_algorithms = buf.read_list() return self.__languages
kex.client.encryption = buf.read_list()
kex.server.encryption = buf.read_list() class Kex(object):
kex.client.mac = buf.read_list() def __init__(self, cookie, kex_algs, key_algs, cli, srv, follows, unused=0):
kex.server.mac = buf.read_list() self.__cookie = cookie
kex.client.compression = buf.read_list() self.__kex_algs = kex_algs
kex.server.compression = buf.read_list() self.__key_algs = key_algs
kex.client.languages = buf.read_list() self.__client = cli
kex.server.languages = buf.read_list() self.__server = srv
kex.follows = buf.read_bool() self.__follows = follows
kex.unused = buf.read_int() self.__unused = unused
return kex
@property
def cookie(self):
return self.__cookie
@property
def kex_algorithms(self):
return self.__kex_algs
@property
def key_algorithms(self):
return self.__key_algs
# client_to_server
@property
def client(self):
return self.__client
# server_to_client
@property
def server(self):
return self.__server
@property
def follows(self):
return self.__follows
@property
def unused(self):
return self.__unused
@classmethod
def parse(cls, payload):
buf = ReadBuf(payload)
cookie = buf.read(16)
kex_algs = buf.read_list()
key_algs = buf.read_list()
cli_enc = buf.read_list()
srv_enc = buf.read_list()
cli_mac = buf.read_list()
srv_mac = buf.read_list()
cli_compression = buf.read_list()
srv_compression = buf.read_list()
cli_languages = buf.read_list()
srv_languages = buf.read_list()
follows = buf.read_bool()
unused = buf.read_int()
cli = SSH2.KexParty(cli_enc, cli_mac, cli_compression, cli_languages)
srv = SSH2.KexParty(srv_enc, srv_mac, srv_compression, srv_languages)
kex = cls(cookie, kex_algs, key_algs, cli, srv, follows, unused)
return kex
class SSH1(object): class SSH1(object):
@ -1570,7 +1620,7 @@ def audit(conf, sshv=None):
pkm = SSH1.PublicKeyMessage.parse(payload) pkm = SSH1.PublicKeyMessage.parse(payload)
output(banner, header, pkm=pkm) output(banner, header, pkm=pkm)
elif sshv == 2: elif sshv == 2:
kex = Kex.parse(payload) kex = SSH2.Kex.parse(payload)
output(banner, header, kex=kex) output(banner, header, kex=kex)